JVN#50227837
Touhou Hisouten vulnerable to denial-of-service
Overview
Touhou Hisouten from Twilight Frontier contains a denial-of-service (DoS) vulnerability.
Products Affected
- Touhou Hisouten Ver1.06 and earlier
Description
Touhou Hisouten from Twilight Frontier is a video game which has an online match mode. Touhou Hisouten contains an issue when processing network traffic, which may result in a denial-of-service (DoS).
Impact
A remote attacker may cause an unexpected application termination.
Solution
Apply a patch
Apply a patch according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Twilight Frontier | Touhou Hisouten - Scarlet Weather Rhapsody (Japanese Only) |
References
JPCERT/CC Addendum
A patch addressing a similar issue for the sister product "Touhou Hisoutensoku" was released on September 22, 2011.
Vulnerability Analysis by JPCERT/CC
Analyzed on 2011.10.28
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | can be attacked over the Internet using packets |
|
| Authentication | anonymous or no authentication (IP addresses do not count) |
|
| User Interaction Required | the vulnerability can be exploited without an honest user taking any action |
|
| Exploit Complexity | the user must be convinced to take a difficult or suspicious action. If the honest user must have elevated privileges, they are likely to be more suspiciouse |
|
Credit
Yuma Kurogome reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2011-3995 |
| JVN iPedia |
JVNDB-2011-000089 |